<?php
	
	require_once('inc/fen_fns.php');
	
	sec_session_start();

	$publication_id = $_POST['publication_id'];
	$yayin_turu = $_POST['yayin_turu'];
	$eser_adi = mysql_real_escape_string(trim($_POST['eser_adi']));
	$dergi_adi = mysql_real_escape_string(trim($_POST['dergi_adi']));
	$volume = mysql_real_escape_string(trim($_POST['volume']));
	$issue = mysql_real_escape_string(trim($_POST['issue']));
	$sayfa = mysql_real_escape_string(trim($_POST['sayfa']));
	$yayinevi_adi = mysql_real_escape_string(trim($_POST['yayinevi_adi']));
	$doi_no = mysql_real_escape_string(trim($_POST['doi_no']));
	$yayin_yili = $_POST['yayin_yili'];
	$yazar_sayisi = $_POST['yazar_sayisi'];
	$indeks_turu = $_POST['indeks_turu'];
	$indeks_alan = mysql_real_escape_string(trim($_POST['indeks_alan']));
	$sinif = $_POST['sinif'];
	$kitap_adi = mysql_real_escape_string(trim($_POST['kitap_adi']));
	$editor_adi = mysql_real_escape_string(trim($_POST['editor_adi']));
	$isbn_no = mysql_real_escape_string(trim($_POST['isbn_no']));
	
	if ($indeks_turu != 'Alan') {
		$indeks_alan = "";
	}

	if (login_check($mysqli, '>', '10') == true) {

		$query = $_DB->Query("update fen_publications set
							yayin_turu = '$yayin_turu',
							eser_adi = '$eser_adi',
							dergi_adi = '$dergi_adi',
							volume = '$volume',
							issue = '$issue',
							sayfa = '$sayfa',
							yayinevi_adi = '$yayinevi_adi',
							doi_no = '$doi_no',
							yayin_yili = '$yayin_yili',
							yazar_sayisi = '$yazar_sayisi',
							indeks_turu = '$indeks_turu',
							indeks_alan = '$indeks_alan',
							sinif = '$sinif',
							kitap_adi = '$kitap_adi',
							editor_adi = '$editor_adi',
							isbn_no = '$isbn_no',
							date_modified = DATE_ADD(CURRENT_TIMESTAMP, INTERVAL 2 HOUR)
							WHERE
							id = '$publication_id' and member_id = '".$_SESSION['user_id']."'
						 	");
		
		$query = $_DB->Query("SELECT fen_members.username, fen_members.name, fen_members.surname, fen_members.titr, fen_faculty.faculty_name, fen_department.department_name FROM fen_members, fen_faculty, fen_department where fen_members.username = '".$_SESSION['username']."' and fen_members.faculty_id = fen_faculty.id and fen_members.department_id = fen_department.id");
		$fullname = $_DB->GetResultValue($query, "0", "name")." ".$_DB->GetResultValue($query, "0", "surname");	
		$username = $_DB->GetResultValue($query, "0", "username");
		
		function GetIP() {
		   	if(getenv("HTTP_CLIENT_IP")) {
		   		$ip = getenv("HTTP_CLIENT_IP");
		   	} elseif(getenv("HTTP_X_FORWARDED_FOR")) {
		   		$ip = getenv("HTTP_X_FORWARDED_FOR");
		   		if (strstr($ip, ',')) {
		   			$tmp = explode (',', $ip);
		   			$ip = trim($tmp[0]);
		   		}
		   	} else {
		   		$ip = getenv("REMOTE_ADDR");
		   	}
		   	return $ip;
	    }
	    $ip = GetIP();
		
		$query3 = $_DB->Query("insert into fen_transaction_history values
                         (null,
						 '".$publication_id."',
						 '".GUNCELLEME."',
						 '".$ip."',				
						 DATE_ADD(CURRENT_TIMESTAMP, INTERVAL 3 HOUR),
		  				 '".$username."'
						 )");
		
		header('Location: ./form.php?fid=2');
	
	} else {
		header('Location: ./index.php?error=2');
	}
	
	